In spite of the system being fully patched (as shown in the first video), Lee's work shows Windows Defender crashing and unable to restart.

Lee told The Register his discoveries aren't related to what Microsoft's fixed in response to Project Zero's recent disclosures. Those, he wrote in an e-mail, covered “multiple denial-of-service, integer overflow, and use-after-free bugs”, while his work has drilled into type confusions and logical bugs.

Lee's demonstration that MsMpEng needs to be sandboxed is in line with yet another Tweet from Ormandy (the world is waiting for what follows):

Sigh, more critical remote mpengine vulns. Found on Linux then reproduced on Windows, full report on the way. This needs to be sandboxed. pic.twitter.com/OzarAmOyH1

Ever since early May, MsMpEng's lack of sandboxing has been under increasing criticism from researchers. Yesterday, yet another sandbox escape was posted to GitHub by Thomas Vanhoutte. That contribution (not yet complete, Vanhoutte writes) aims to give a guest-privilege attacker the ability to use Defender to delete arbitrary files, including DLLs (which would offer various hijack opportunities). ®